$ rpki-client -vvf rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/5C28B7DC91B211EC838CA523C4F9AE02.roa File: 5C28B7DC91B211EC838CA523C4F9AE02.roa (raw, json) Hash identifier: crKRXXM/J427gXLoL1vXGlLSDoYWn3lWggijaATf0co= Subject key identifier: 36:DA:B4:8F:3E:5C:24:9E:A0:22:81:28:B0:72:AB:A9:40:F7:77:CE Certificate issuer: /CN=A91618BC/serialNumber=1AEBCD82D7028343B745AD406739CDB92D4DFB77 Certificate serial: 0477 Authority key identifier: 1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/5C28B7DC91B211EC838CA523C4F9AE02.roa Signing time: Sat 25 Jan 2025 00:13:35 +0000 ROA not before: Sat 25 Jan 2025 00:13:35 +0000 ROA not after: Tue 31 Mar 2026 00:00:00 +0000 asID: 212357 IP address blocks: 2407:9240:2300::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/GuvNgtcCg0O3Ra1AZznNuS1N-3c.crl rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/GuvNgtcCg0O3Ra1AZznNuS1N-3c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 21:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1143 (0x477) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91618BC Validity Not Before: Jan 25 00:13:35 2025 GMT Not After : Mar 31 00:00:00 2026 GMT Subject: CN=67942caf-0e14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:cc:c9:bc:af:3f:5e:89:ec:0a:ad:71:5c:24: 79:a0:9d:43:4a:01:e9:ec:cd:4d:f8:c3:f0:99:9d: 72:26:af:28:13:b3:04:c4:6b:70:a0:74:6c:06:29: 9c:87:38:1e:99:02:c7:3c:f0:05:d7:47:b1:e3:db: 09:96:73:98:5c:c2:f5:84:ff:9d:bc:ec:52:87:ee: b7:e9:af:5c:a9:af:b3:97:84:42:dd:bd:95:a5:ea: d5:81:4d:3d:6f:4b:de:10:7e:13:57:d0:e8:40:28: f5:06:ca:40:13:6a:b9:f4:98:1a:47:f6:ef:89:a8: 37:78:82:31:d9:c5:7e:2e:d6:e4:81:2b:21:00:fe: 96:b6:5b:e7:1c:04:77:a8:3e:4d:93:6f:14:74:15: e7:fb:b0:51:2b:67:36:cd:20:04:80:3a:06:05:57: 50:72:cd:cd:6d:70:86:c9:76:b1:a3:7e:5a:2d:be: c7:9c:76:89:38:71:70:5a:92:80:62:11:2b:c9:d2: 71:37:1d:91:30:b8:87:89:8d:65:f7:47:a4:14:9b: a9:85:95:92:e1:22:4f:ee:60:82:ce:86:6d:28:5e: e9:cc:0a:6f:1f:18:31:13:8b:ce:0c:a3:cb:30:1a: 91:3e:80:4e:c1:ac:84:cc:37:4d:f0:07:98:8c:a8: eb:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:DA:B4:8F:3E:5C:24:9E:A0:22:81:28:B0:72:AB:A9:40:F7:77:CE X509v3 Authority Key Identifier: keyid:1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/GuvNgtcCg0O3Ra1AZznNuS1N-3c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/5C28B7DC91B211EC838CA523C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv6: 2407:9240:2300::/40 Signature Algorithm: sha256WithRSAEncryption 7f:0d:52:ea:a7:a5:ed:75:4d:a4:94:6c:b5:d2:a5:7c:0d:bd: f5:72:d7:3f:4b:3b:2c:8c:52:4a:ff:ff:8c:7c:2c:bb:d6:dc: 4c:a9:d3:a6:cc:87:de:d8:95:67:b2:5b:cf:38:31:7d:0b:9a: b5:01:a5:b8:21:46:23:78:97:9b:90:6a:14:65:37:22:a7:64: a4:4c:69:a5:dc:65:7f:76:a6:a5:05:91:33:24:27:bd:78:ee: 9b:21:c5:dd:97:72:d2:f9:32:41:72:60:71:02:2e:be:d1:1b: e9:15:38:d8:d1:35:77:bf:fa:32:0e:93:14:fd:8a:cc:75:fe: b1:11:ea:14:50:e5:fa:e9:1f:2f:b3:80:e9:e0:04:1e:b3:51: 64:b7:45:31:14:04:0c:18:70:19:32:dc:5a:99:97:49:3e:97: f0:34:fd:a3:32:b5:b3:84:80:f2:fd:cb:8a:40:31:91:ed:04: f5:bb:36:14:dd:30:a8:31:16:e4:55:7b:34:5f:e0:02:e1:82: 06:a6:dd:bc:f3:dc:fb:3e:23:ad:fb:b3:23:e5:dc:d8:f5:86: a4:57:1e:c1:df:53:d6:4f:a7:8d:de:c2:38:08:df:1d:4e:ec: 39:77:29:4f:ea:c7:05:19:66:b7:68:b3:ff:42:0f:45:3a:8d: ca:e7:f7:33 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgICBHcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjE4QkMxMTAvBgNVBAUTKDFBRUJDRDgyRDcwMjgzNDNCNzQ1QUQ0MDY3MzlDREI5 MkQ0REZCNzcwHhcNMjUwMTI1MDAxMzM1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD VQQDEw02Nzk0MmNhZi0wZTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqczJvK8/XonsCq1xXCR5oJ1DSgHp7M1N+MPwmZ1yJq8oE7MExGtwoHRsBimc hzgemQLHPPAF10ex49sJlnOYXML1hP+dvOxSh+636a9cqa+zl4RC3b2VperVgU09 b0veEH4TV9DoQCj1BspAE2q59JgaR/bviag3eIIx2cV+LtbkgSshAP6WtlvnHAR3 qD5Nk28UdBXn+7BRK2c2zSAEgDoGBVdQcs3NbXCGyXaxo35aLb7HnHaJOHFwWpKA YhErydJxNx2RMLiHiY1l90ekFJuphZWS4SJP7mCCzoZtKF7pzApvHxgxE4vODKPL MBqRPoBOwayEzDdN8AeYjKjr3wIDAQABo4IClzCCApMwHQYDVR0OBBYEFDbatI8+ XCSeoCKBKLByq6lA93fOMB8GA1UdIwQYMBaAFBrrzYLXAoNDt0WtQGc5zbktTft3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MThCQy9FRDdCNjJBQzVE ODcxMUVDOUMxRDcwMkNDNEY5QUUwMi9HdXZOZ3RjQ2cwTzNSYTFBWnpuTnVTMU4t M2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0d1dk5ndGNDZzBPM1JhMUFaem5OdVMxTi0zYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx NjE4QkMvRUQ3QjYyQUM1RDg3MTFFQzlDMUQ3MDJDQzRGOUFFMDIvNUMyOEI3REM5 MUIyMTFFQzgzOENBNTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E EjAQMA4EAgACMAgDBgAkB5JAIzANBgkqhkiG9w0BAQsFAAOCAQEAfw1S6qel7XVN pJRstdKlfA299XLXP0s7LIxSSv//jHwsu9bcTKnTpsyH3tiVZ7JbzzgxfQuatQGl uCFGI3iXm5BqFGU3IqdkpExppdxlf3ampQWRMyQnvXjumyHF3Zdy0vkyQXJgcQIu vtEb6RU42NE1d7/6Mg6TFP2KzHX+sRHqFFDl+ukfL7OA6eAEHrNRZLdFMRQEDBhw GTLcWpmXST6X8DT9ozK1s4SA8v3LikAxke0E9bs2FN0wqDEW5FV7NF/gAuGCBqbd vPPc+z4jrfuzI+Xc2PWGpFcewd9T1k+njd7COAjfHU7sOXcpT+rHBRlmt2iz/0IP RTqNyuf3Mw== -----END CERTIFICATE-----Generated at Sat Apr 5 02:13:24 2025 by rpki-client